[Snort-sigs] How dose suricata load snort dynamic rules (so_rules)?

Joel Esler (jesler) jesler at ...3865...
Fri Nov 18 23:14:40 EST 2016

Which rules are you trying to trigger?

Sent from my iPhone

On Nov 18, 2016, at 10:12 PM, 刘强 <liuqiang40 at ...1318...<mailto:liuqiang40 at ...1318...>> wrote:


We need show a demo to our customer the IDS ability of snort.

Where can I find some pcap samples to trigger the rules?

Thanks a lot.

在 2016-11-18 00:06:43,"Joel Esler (jesler)" <jesler at ...3865...<mailto:jesler at ...3865...>> 写道:
It doesn’t.  Suricata cannot load Snort’s Dynamic Ruleset.

Joel Esler | Talos: Manager | jesler at ...3865...<mailto:jesler at ...3865...>

On Nov 16, 2016, at 9:58 PM, 刘强 <liuqiang40 at ...1318...<mailto:liuqiang40 at ...1318...>> wrote:


How can I use the latest suricata to load the latest snort dynamic rules (so_rules)?

Thanks a lot.


Snort-sigs mailing list
Snort-sigs at lists.sourceforge.net<mailto:Snort-sigs at lists.sourceforge.net>


Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org<http://Snort.org> to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20161119/6d2da2ca/attachment.html>

More information about the Snort-sigs mailing list